diff --git a/CHANGELOG.md b/CHANGELOG.md
index 85f43610b..4d25f57a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,8 @@ All notable changes to this project will be documented in this file.
 
 ## [12.3.1.2]
 ### Added
-- Berry crypto add ``EC_P256`` and ``PBKDF2_HMAC_SHA256`` algorithms required by Matter protocol (#17473)
+- Berry crypto add ``EC_P256`` and ``PBKDF2_HMAC_SHA256`` algorithms required by Matter protocol
+- Berry crypto add ``random`` to generate series of random bytes
 
 ### Breaking Changed
 
diff --git a/lib/libesp32/berry_tasmota/src/be_crypto_lib.c b/lib/libesp32/berry_tasmota/src/be_crypto_lib.c
index d1e25392e..525f9b359 100644
--- a/lib/libesp32/berry_tasmota/src/be_crypto_lib.c
+++ b/lib/libesp32/berry_tasmota/src/be_crypto_lib.c
@@ -9,6 +9,7 @@
 #include "be_mapping.h"
 
 extern int be_class_crypto_member(bvm *vm);
+extern int m_crypto_random(bvm *vm);
 
 extern int m_aes_gcm_init(bvm *vm);
 extern int m_aes_gcm_encryt(bvm *vm);
@@ -145,6 +146,7 @@ class be_class_pbkdf2_hmac_sha256 (scope: global, name: PBKDF2_HMAC_SHA256) {
 
 module crypto (scope: global) {
   member, func(be_class_crypto_member)
+  random, func(m_crypto_random)
 }
 
 @const_object_info_end */
diff --git a/tasmota/tasmota_xdrv_driver/xdrv_52_3_berry_crypto.ino b/tasmota/tasmota_xdrv_driver/xdrv_52_3_berry_crypto.ino
index 21f1553b4..d9672d5ba 100644
--- a/tasmota/tasmota_xdrv_driver/xdrv_52_3_berry_crypto.ino
+++ b/tasmota/tasmota_xdrv_driver/xdrv_52_3_berry_crypto.ino
@@ -39,6 +39,32 @@ extern "C" {
   }
 }
 
+/*********************************************************************************************\
+ * Random bytes generator
+ * 
+ * As long as Wifi or BLE is enable, it uses a hardware source for true randomnesss
+ * 
+\*********************************************************************************************/
+extern "C" {
+  // `crypto.random(num_bytes:int) -> bytes(num_bytes)`
+  //
+  // Generates a series of random bytes
+  int m_crypto_random(bvm *vm);
+  int m_crypto_random(bvm *vm) {
+    int32_t argc = be_top(vm); // Get the number of arguments
+    if (argc >= 1 && be_isint(vm, 1)) {
+      int32_t n = be_toint(vm, 1);
+      if (n < 0 || n > 4096) { be_raise(vm, "value_error", ""); }
+
+      uint8_t rand_bytes[n];
+      esp_fill_random(rand_bytes, n);
+      be_pushbytes(vm, rand_bytes, n);
+      be_return(vm);
+    }
+    be_raise(vm, kTypeError, nullptr);
+  }
+}
+
 /*********************************************************************************************\
  * AES_GCM class
  *